• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1509915

Главная Специалистам База уязвимостей Не установлено обновление Note 1509915

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1509915-2) SAP Support Packages (SAPK-30006INPE1)
Описание
1. The programs listed in the attached correction instructions contain  a vulnerability through which a malicious user can potentially read  arbitrary files on the remote server, possibly disclosing confidential information.
2. Some of the programs listed in the attached correction instructions  contain a vulnerability through which a malicious user can potentially  write arbitrary files on the remote server, possibly corrupting data or altering system behaviour.
Как исправить
See Note 1497003 for additional information and instructions. You must implement the corrections from Note 1497003 before you implement this note.

Logical File Names Used in This Solution
-----------------------------------------
The following logical file names were created to activate the validation of the physical file names:

* /PE2/PMCF_INPUT_FILE


Logical File Paths Used in This Solution
-----------------------------------------
The logical file name mentioned above uses the file path /PE2/PMCF_INPUT_PATH.
Ссылки